{"id":4368,"date":"2017-08-22T17:03:57","date_gmt":"2017-08-22T11:33:57","guid":{"rendered":"https:\/\/qadit.com\/blog\/?p=4368"},"modified":"2017-08-22T17:03:57","modified_gmt":"2017-08-22T11:33:57","slug":"network-forensics-tool-networkminer-2-2-released","status":"publish","type":"post","link":"https:\/\/qadit.com\/blog\/network-forensics-tool-networkminer-2-2-released\/","title":{"rendered":"Network forensics tool NetworkMiner 2.2 released"},"content":{"rendered":"<div>\n<div class=\"entry-content\">\n<p><a href=\"https:\/\/ift.tt\/2dgjWgS\" target=\"_blank\">NetworkMiner<\/a> is a popular network forensics tool that can parse pcap files as well as perform live sniffing of network traffic. It collects data about hosts on the network rather than data about the traffic on the network. <\/p>\n<p><img decoding=\"async\" src=\"https:\/\/ift.tt\/2wsQzBZ\" class=\"aligncenter\" alt=\"NetworkMiner forensics tool\" title=\"NetworkMiner\"><\/p>\n<p>In NetworkMiner 2.2, the PCAP parsing speed has more than doubled and even more details are now extracted from analyzed packet capture files.<\/p>\n<h3>User interface improvements<\/h3>\n<p>The keyword filter available in the Files, Messages, Sessions, DNS and Parameters tabs has been improved so that the rows can now be filtered on a single column of choice by selecting the desired column in a drop-down list. There is also an \u201cAny column\u201d option, which can be used to search for the keyword in all columns.<\/p>\n<p>The Messages tab now allows the filter keyword to be matched against the text in the message body as well as email headers when the \u201cAny column\u201d option is selected.<\/p>\n<p>Time stamps are now shown using the yyyy-MM-dd HH:mm:ss format with the time zone explicitly stated.<\/p>\n<h3>Protocol parsers<\/h3>\n<p>The latest version comes with an RDP parser, which is primarily used to extract usernames from RDP cookies and show them on the Credentials tab. 
Version 2.2 also comes with better extraction of SMB1 and SMB2 details, such as NTLM SSP usernames.<\/p>\n<p>NetworkMiner moved to .NET Framework 4.0. This move doesn\u2019t require any special measures to be taken for most Microsoft Windows users since the 4.0 Framework is typically already installed on these machines. If you\u2019re running NetworkMiner in Linux, you might wanna check out an updated blog post on <a href=\"https:\/\/ift.tt\/1onMjvr\" target=\"_blank\">how to install NetworkMiner in Linux<\/a>.<\/p>\n<p>The developers have also added an automatic check for new versions of NetworkMiner, which runs every time the tool is started.<\/p>\n<p class=\"hnst-tag-specific-content\">\n<\/p><\/div>\n<\/p><\/div>\n<p><b>Read the Full Article here: <a href=\"https:\/\/ift.tt\/1LoKdAd\">&gt;Help Net Security &#8211; News<\/a><\/b><\/p>\n","protected":false},"excerpt":{"rendered":"<p>NetworkMiner is a popular network forensics tool that can parse pcap files as well as perform live sniffing of network traffic. It collects data about hosts on the network rather than data about the traffic on the network. 
In NetworkMiner 2.2, the PCAP parsing speed has more than doubled and even more details &hellip; <\/p>\n<p class=\"link-more\"><a href=\"https:\/\/qadit.com\/blog\/network-forensics-tool-networkminer-2-2-released\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;Network forensics tool NetworkMiner 2.2 released&#8221;<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false},"version":2}},"categories":[12],"tags":[293],"class_list":["post-4368","post","type-post","status-publish","format-standard","hentry","category-itsec","tag-wonder-information"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p9AH7Q-18s","_links":{"self":[{"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/posts\/4368","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/comments?post=4368"}],"version-history":[{"count":1,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/posts\/4368\/revisions"}],"predecessor-version":[{"id":4369,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/posts\/4368
\/revisions\/4369"}],"wp:attachment":[{"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/media?parent=4368"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/categories?post=4368"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/tags?post=4368"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}